Privacy Policy

Disclosure pursuant to Art. 13 of the European Regulation 679/2016


Pursuant to Art. 13 of the European Regulation (EU) 2016/679 (hereinafter GDPR), and in relation to the personal data that the company will come into the possession of with the performance of the assignment, we inform you of the following:

Data controller and data protection officer

The Data Controller is Oscar Sport S.R.L. (P.IVA: 04316980269), based in 31044 Montebelluna TV Via Cal Trevisana, 26/D The Data Controller can be contacted at the following e-mail address: info@oscarsport.com
The Data Controller has appointed multiple data processors and multiple data controllers to assist the Data Controller, whose names will be provided upon request. The company has not appointed a personal data protection officer, as it does not meet the requirements.

Purpose of data processing

Processing is for the purpose of the proper execution of the entrusted task. Your data will also be processed for the purpose of:

  • Perform the services detailed in the contract signed between the parties;
  • Fulfilling the obligations provided for in administrative, tax and accounting matters;
  • Comply with the obligations incumbent on the company and provided for in current legislation.
    Personal data may be processed by means of, both paper and computer files (including portable devices) and processed in a manner strictly necessary to meet the above purposes.

Legal basis for processing

The company processes your personal data lawfully, where the processing is necessary for the performance of the entrusted task, on the basis of a contract signed between the parties, or to fulfill a legal obligation as well as, where it is based on express consent, for all further purposes.

Consequences of non-disclosure of personal data

With respect to personal data related to the performance of the assignment to which you are a party or related to the fulfillment of a regulatory obligation (e.g., fulfillments related to the keeping of accounting and tax records), failure to disclose personal data prevents the completion of the contractual relationship itself.

Data retention

Your personal data, subject to processing for the above-mentioned purposes, will be retained for the period of the duration of the requested service and, thereafter, for as long as retention obligations remain for tax or other purposes, required by law or regulation. The data controller does not transfer personal data to third countries or international organizations. However, it reserves the possibility of using cloud services, in which case, the providers will be selected from those with adequate guarantees, ex art. 46 Reg.UE 679/2016.

Disclosure of data

Your personal data may be disclosed to:

  1. consultants and accountants or lawyers for accounting/tax compliance or protection of contractual rights (e.g., the accountant and labor consultant, data controllers);
  2. Banking institutions that provide functional services for payments, collections, reimbursements related to contractual performance;
  3. individuals who process data in performance of specific legal obligations or by contract (e.g., employees and collaborators, data processors);
  4. Judicial or administrative authorities, for the fulfillment of legal obligations.

Breach of Personal Data (Data Breach)

The Data Controller undertakes to notify without delay from the time of detection, any violation (the loss, dissemination or compromise) of the collected personal data. Such communication will first be made to the relevant supervisory authority, and provided the conditions set forth in Art. 34, even to those directly involved.

Data Profiling and Dissemination

Your personal data are not subject to dissemination or to any fully automated decision-making process, including profiling, unless you give your express and specific written consent.

Rights of the data subject

Your rights under the GDPR include those of:

  • to request access to your personal data and information relating to them; rectification of inaccurate data or supplementation of incomplete data; deletion of personal data relating to you (upon the occurrence of one of the conditions indicated in Article 17(1) of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); limitation of the processing of your personal data (upon the occurrence of one of the cases indicated in Article 18(1) of the GDPR);
  • to request and obtain – in cases where the legal basis of the processing is a contract or consent, and the processing is carried out by automated means – your personal data in a structured, machine-readable format, including for the purpose of communicating such data to another data controller (so-called right to personal data portability);
  • Object at any time to the processing of your personal data;
  • revoke consent at any time, limited to cases where processing is based on your consent for one or more specific purposes and involves common personal data (e.g., date and place of birth or place of residence), or special categories of data (e.g., data revealing your racial origin, political opinions, religious beliefs, health status, or sex life). Processing based on consent and carried out prior to the revocation of consent retains, however, its lawfulness;
  • Propose a complaint to a supervisory authority, if you believe that the processing concerning you violates the regulations on the protection of personal data (Guarantor Authority for the Protection of Personal Data – protocollo@pec.gpdp.it).